實體Entity
package com.example.demo.Entity;
import javax.persistence.*;
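/**
 * JPA entity for a login account, registered under the entity name {@code redis}.
 *
 * <p>NOTE(review): {@code password} is held and exposed through a getter as a plain
 * string. If this entity is persisted, store a salted, slow password hash
 * (bcrypt/scrypt/argon2) instead of the clear-text value. Keep the field out of
 * anything serialized to clients: {@code getList} on this page returns this type directly.
 */
@Table
@Entity(name = "redis")
public class SysRedis {

    /** Primary key, generated by the database identity column. */
    @Id
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    private int id;

    // Clear-text credential as supplied by the caller; see the class note.
    private String password;

    private String username;

    /**
     * No-argument constructor required by the JPA specification; without it the
     * persistence provider cannot instantiate the entity when loading rows.
     */
    protected SysRedis() {
    }

    /**
     * Creates an account object from caller-supplied credentials.
     *
     * @param username account name
     * @param password clear-text password
     */
    public SysRedis(String username, String password) {
        this.username = username;
        this.password = password;
    }

    /** @return the generated identifier ({@code 0} until one is assigned) */
    public int getId() {
        return id;
    }

    /** @param id identifier to set */
    public void setId(int id) {
        this.id = id;
    }

    /** @return the stored password value */
    public String getPassword() {
        return password;
    }

    /** @param password password value to store */
    public void setPassword(String password) {
        this.password = password;
    }

    /** @return the account name */
    public String getUsername() {
        return username;
    }

    /** @param username account name to store */
    public void setUsername(String username) {
        this.username = username;
    }
}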
Dao層(省略)
Service層
/**
 * Checks the credentials carried by {@code user}.
 *
 * @param user object holding the username and password to check
 * @return {@code true} when the credentials are accepted
 */
public boolean login(SysRedis user);
/**
 * Returns the account list.
 *
 * @return the accounts; the implementation on this page returns three fixed entries
 */
public List<SysRedis> getList();
ServiceImpl層
package com.example.demo.Service.ServiceImpl;
import com.example.demo.Entity.SysRedis;
import com.example.demo.Service.SysRedisSerivce;
import org.springframework.stereotype.Service;
import java.util.ArrayList;
import java.util.List;
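/**
 * Demo implementation of {@link SysRedisSerivce} that works on fixed in-memory data
 * and never touches a database.
 *
 * <p>NOTE(review): the accepted username and password are literals in this source file,
 * and the comparison is a plain string equality. Outside a demo, look the account up and
 * verify the password against a salted, slow hash (bcrypt/scrypt/argon2).
 */
@Service
public class SysServiceImpl implements SysRedisSerivce {

    /**
     * Checks the supplied credentials against the single built-in demo account.
     *
     * @param user credentials to check; may be {@code null} or carry {@code null} fields
     * @return {@code true} only when both the username and the password match
     */
    @Override
    public boolean login(SysRedis user) {
        if (user == null) {
            return false;
        }
        // Literal-first equals: a missing request parameter arrives here as null and
        // must be rejected as a failed login rather than raise a NullPointerException.
        return "king".equals(user.getUsername()) && "123".equals(user.getPassword());
    }

    /**
     * Builds the fixed demo account list.
     *
     * @return a new mutable list with three accounts; each carries a clear-text password,
     *         so callers should strip that field before sending the list to a client
     */
    @Override
    public List<SysRedis> getList() {
        List<SysRedis> accounts = new ArrayList<>();
        accounts.add(new SysRedis("king1", "12345"));
        accounts.add(new SysRedis("king2", "12345"));
        accounts.add(new SysRedis("king3", "12345"));
        return accounts;
    }
}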
Controller層
package com.example.demo.Controller;
import com.example.demo.Entity.SysRedis;
import com.example.demo.Service.SysRedisSerivce;
import com.example.demo.Unti.TokenUtil;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
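/**
 * HTTP endpoints for logging in and for listing accounts.
 *
 * <p>{@code /login} issues a signed token on success. The interceptor configuration on
 * this page excludes {@code /login} from the token check and covers every other path.
 */
@Controller
public class SysRedisController {

    @Autowired
    private SysRedisSerivce sysRedisSerivce;

    /**
     * Authenticates the caller and returns a token.
     *
     * @param username account name from the request; {@code null} when the parameter is absent
     * @param password password from the request; {@code null} when the parameter is absent
     * @return a map with {@code code} and {@code message}, plus {@code token} on success
     */
    @PostMapping("/login")
    @ResponseBody
    public Map<String, Object> login(String username, String password) {
        Map<String, Object> map = new HashMap<>();
        // A request that omits either field is a failed login, not a server error:
        // reject it here instead of letting a null reach the service.
        if (username != null && password != null) {
            SysRedis user = new SysRedis(username, password);
            if (sysRedisSerivce.login(user)) {
                String token = TokenUtil.sign(user);
                // sign() returns null when token creation failed; treat that as a failed login.
                if (token != null) {
                    map.put("code", "10000");
                    map.put("message", "認證成功");
                    map.put("token", token);
                    return map;
                }
            }
        }
        // One generic failure answer for every rejection, so the response does not
        // reveal which of the two fields was wrong.
        map.put("code", "0000");
        map.put("message", "認證失敗");
        return map;
    }

    /**
     * Returns the account list as the response body.
     *
     * @return copies of the accounts with the password field cleared
     */
    @PostMapping("/getList")
    @ResponseBody // without this a @Controller treats the return value as view/model data, not a body
    public List<SysRedis> getList() {
        // Return copies with the password blanked: the entity exposes getPassword(), so
        // serializing it as-is would send every account's password to the caller.
        // Copies are used so objects owned by the service layer are never modified.
        List<SysRedis> redacted = new java.util.ArrayList<>();
        for (SysRedis account : sysRedisSerivce.getList()) {
            SysRedis copy = new SysRedis(account.getUsername(), null);
            copy.setId(account.getId());
            redacted.add(copy);
        }
        return redacted;
    }
}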
package com.example.demo.Unti;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
import java.util.ArrayList;
import java.util.List;
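/**
 * Registers {@link TokenInterceptor} for every request path except a short list of
 * endpoints that must be reachable without a token.
 *
 * <p>The class is annotated {@code @Configuration} so that Spring instantiates it and
 * calls {@link #addInterceptors}. Without a stereotype annotation (or an explicit bean
 * registration elsewhere) the interceptor is never installed and no request is
 * token-checked.
 */
@Configuration
public class IntercepterConfig implements WebMvcConfigurer {

    private final TokenInterceptor tokenInterceptor;

    /**
     * @param tokenInterceptor interceptor that validates the request token
     */
    public IntercepterConfig(TokenInterceptor tokenInterceptor) {
        this.tokenInterceptor = tokenInterceptor;
    }

    /**
     * Applies the token check to {@code /**} and exempts the paths listed below.
     *
     * @param registry Spring MVC interceptor registry
     */
    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        // Everything listed here is served without authentication; keep the list
        // minimal and review it whenever an endpoint is added under these prefixes.
        List<String> excludePath = new ArrayList<>();
        excludePath.add("/user_register"); // registration
        excludePath.add("/login");         // login
        excludePath.add("/logout");        // logout
        excludePath.add("/static/**");     // static resources
        excludePath.add("/assets/**");     // static resources

        registry.addInterceptor(tokenInterceptor)
                .addPathPatterns("/**")
                .excludePathPatterns(excludePath);
        WebMvcConfigurer.super.addInterceptors(registry);
    }
}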
package com.example.demo.Util;
import com.alibaba.fastjson.JSONObject;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.PrintWriter;
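/**
 * Request interceptor that lets a request through only when its {@code admin-token}
 * header carries a token accepted by {@code TokenUtil.verify}.
 *
 * <p>NOTE(review): this class is declared in package {@code com.example.demo.Util} while
 * {@code TokenUtil} on this page is declared in {@code com.example.demo.Unti}, and no
 * import for it is visible. Confirm the package names agree.
 */
@Component
public class TokenInterceptor implements HandlerInterceptor {

    /**
     * Validates the token before the handler runs.
     *
     * @param request  incoming request; the token is read from the {@code admin-token} header
     * @param response response; receives a JSON error body when the token is missing or rejected
     * @param handler  selected handler (unused)
     * @return {@code true} to continue to the handler, {@code false} when the request was rejected
     * @throws Exception if writing the error status fails
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        // OPTIONS requests pass without a token. Handlers must therefore not perform
        // any protected work in response to OPTIONS.
        if ("OPTIONS".equals(request.getMethod())) {
            response.setStatus(HttpServletResponse.SC_OK);
            return true;
        }

        response.setCharacterEncoding("utf-8");
        String token = request.getHeader("admin-token");
        if (token != null && TokenUtil.verify(token)) {
            System.out.println("通過攔截器");
            return true;
        }

        // Rejection path. NOTE(review): no status is set here, so the error body goes out
        // with the default status and clients must inspect "code". Returning 401 would make
        // the failure visible to proxies and generic HTTP clients. Confirm the front end
        // tolerates that before changing it.
        response.setContentType("application/json; charset=utf-8");
        try {
            JSONObject json = new JSONObject();
            json.put("success", "false");
            json.put("msg", "認證失敗,未通過攔截器");
            json.put("code", "50000");
            response.getWriter().append(json.toJSONString());
            System.out.println("認證失敗,未通過攔截器");
        } catch (Exception e) {
            e.printStackTrace();
            // sendError is illegal once the response is committed; a partial write above
            // may already have committed it.
            if (!response.isCommitted()) {
                response.sendError(500);
            }
        }
        return false;
    }
}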
package com.example.demo.Unti;
import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTVerifier;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.interfaces.DecodedJWT;
import com.example.demo.Entity.SysRedis;
import java.util.Date;
/**
 * Creates and verifies HMAC-SHA256 signed JWTs for logged-in users.
 *
 * <p>NOTE(review): {@code TOKEN_SECRET} is a short literal committed to source. An HS256
 * token is only as trustworthy as this key: anyone who reads the source or recovers the
 * key can produce tokens that {@link #verify} accepts. Load a randomly generated key of
 * at least 256 bits from configuration or a secret store, and rotate it.
 *
 * <p>The token is signed, not encrypted: its claims are readable by whoever holds it.
 */
public class TokenUtil {

    /** Token lifetime in milliseconds (15 minutes). */
    private static final long EXPIRE_TIME = 15 * 60 * 1000;

    /** HMAC signing key (not a salt); see the class note about its strength. */
    private static final String TOKEN_SECRET = "token123";

    /**
     * Issues a signed token carrying the user's name.
     *
     * @param user account whose username is placed in the {@code username} claim
     * @return the compact token string, or {@code null} if any step failed
     */
    public static String sign(SysRedis user) {
        try {
            Date expiry = new Date(System.currentTimeMillis() + EXPIRE_TIME);
            // HMAC-SHA256 is a keyed signature over the token, not encryption.
            Algorithm algorithm = Algorithm.HMAC256(TOKEN_SECRET);
            return JWT.create()
                    .withIssuer("auth0")
                    .withClaim("username", user.getUsername())
                    .withExpiresAt(expiry)
                    .sign(algorithm);
        } catch (Exception e) {
            // Failure is reported to the caller as a null token.
            e.printStackTrace();
            return null;
        }
    }

    /**
     * Verifies a token against the signing key and the required issuer.
     *
     * @param token compact token string taken from the request
     * @return {@code true} when verification succeeds; {@code false} on any exception
     */
    public static boolean verify(String token) {
        try {
            Algorithm algorithm = Algorithm.HMAC256(TOKEN_SECRET);
            JWTVerifier checker = JWT.require(algorithm).withIssuer("auth0").build();
            DecodedJWT decoded = checker.verify(token);
            // Diagnostic output only; it writes the username claim to standard output.
            System.out.println("認證通過:");
            System.out.println("issuer: " + decoded.getIssuer());
            System.out.println("username: " + decoded.getClaim("username").asString());
            System.out.println("過期時間: " + decoded.getExpiresAt());
        } catch (Exception e) {
            // Every failure is treated as "not authenticated"; the cause is not logged.
            return false;
        }
        return true;
    }
}
postman